remotes/1693045480750635534/spooky-22
parent
ff3062d8d4
commit
b6c341eba6
|
|
@ -267,6 +267,10 @@ def api_comment(v):
|
|||
try:
|
||||
marsey = loads(body.lower())
|
||||
name = marsey["name"]
|
||||
|
||||
if not marsey_regex.fullmatch(name):
|
||||
return {"error": "Invalid name!"}, 403
|
||||
|
||||
if "author" in marsey: author_id = get_user(marsey["author"]).id
|
||||
elif "author_id" in marsey: author_id = marsey["author_id"]
|
||||
else: abort(400)
|
||||
|
|
|
|||
|
|
@ -207,12 +207,9 @@ def sign_up_get(v):
|
|||
|
||||
error = request.values.get("error", None)
|
||||
|
||||
redir = request.values.get("redirect", "/").replace("/logged_out", "").strip()
|
||||
|
||||
return render_template("sign_up.html",
|
||||
formkey=formkey,
|
||||
now=now,
|
||||
redirect=redir,
|
||||
ref_user=ref_user,
|
||||
hcaptcha=app.config["HCAPTCHA_SITEKEY"],
|
||||
error=error
|
||||
|
|
@ -249,7 +246,7 @@ def sign_up_post(v):
|
|||
|
||||
username = request.values.get("username").strip()
|
||||
|
||||
def new_signup(error):
|
||||
def signup_error(error):
|
||||
|
||||
args = {"error": error}
|
||||
if request.values.get("referred_by"):
|
||||
|
|
@ -259,20 +256,20 @@ def sign_up_post(v):
|
|||
return redirect(f"{SITE_FULL}/signup?{urlencode(args)}")
|
||||
|
||||
if now - int(form_timestamp) < 5:
|
||||
return new_signup("There was a problem. Please try again.")
|
||||
return signup_error("There was a problem. Please try again.")
|
||||
|
||||
if not hmac.compare_digest(correct_formkey, form_formkey):
|
||||
return new_signup("There was a problem. Please try again.")
|
||||
return signup_error("There was a problem. Please try again.")
|
||||
|
||||
if not request.values.get(
|
||||
"password") == request.values.get("password_confirm"):
|
||||
return new_signup("Passwords did not match. Please try again.")
|
||||
return signup_error("Passwords did not match. Please try again.")
|
||||
|
||||
if not valid_username_regex.fullmatch(username):
|
||||
return new_signup("Invalid username")
|
||||
return signup_error("Invalid username")
|
||||
|
||||
if not valid_password_regex.fullmatch(request.values.get("password")):
|
||||
return new_signup("Password must be between 8 and 100 characters.")
|
||||
return signup_error("Password must be between 8 and 100 characters.")
|
||||
|
||||
email = request.values.get("email").strip().lower()
|
||||
|
||||
|
|
@ -282,12 +279,13 @@ def sign_up_post(v):
|
|||
if existing_account and existing_account.reserved:
|
||||
return redirect(existing_account.url)
|
||||
|
||||
if existing_account: return new_signup("An account with that username already exists.")
|
||||
if existing_account:
|
||||
return signup_error("An account with that username already exists.")
|
||||
|
||||
if app.config.get("HCAPTCHA_SITEKEY"):
|
||||
token = request.values.get("h-captcha-response")
|
||||
if not token:
|
||||
return new_signup("Unable to verify captcha [1].")
|
||||
return signup_error("Unable to verify captcha [1].")
|
||||
|
||||
data = {"secret": app.config["HCAPTCHA_SECRET"],
|
||||
"response": token,
|
||||
|
|
@ -297,7 +295,7 @@ def sign_up_post(v):
|
|||
x = requests.post(url, data=data, timeout=5)
|
||||
|
||||
if not x.json()["success"]:
|
||||
return new_signup("Unable to verify captcha [2].")
|
||||
return signup_error("Unable to verify captcha [2].")
|
||||
|
||||
session.pop("signup_token")
|
||||
|
||||
|
|
|
|||
|
|
@ -186,7 +186,7 @@
|
|||
<a class="btn btn-primary" href="/login?redirect={{request.path | urlencode}}">Sign in</a>
|
||||
</li>
|
||||
<li class="nav-item d-flex align-items-center justify-content-center mx-1">
|
||||
<a class="btn btn-primary" href="/signup?redirect={{request.path | urlencode}}">Sign up</a>
|
||||
<a class="btn btn-primary" href="/signup">Sign up</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
</ul>
|
||||
|
|
@ -243,7 +243,7 @@
|
|||
<a class="btn btn-primary btn-block" href="/login?redirect={{request.path | urlencode}}">Sign in</a>
|
||||
</li>
|
||||
<li class="nav-item d-flex align-items-center justify-content-center">
|
||||
<a class="btn btn-primary btn-block" href="/signup?redirect={{request.path | urlencode}}">Sign up</a>
|
||||
<a class="btn btn-primary btn-block" href="/signup">Sign up</a>
|
||||
</li>
|
||||
{% endif %}
|
||||
<li class="mt-3">
|
||||
|
|
@ -256,7 +256,7 @@
|
|||
</div>
|
||||
</nav>
|
||||
|
||||
<script src="/static/assets/js/header.js?a=250"></script>
|
||||
<script src="/static/assets/js/header.js?a=251"></script>
|
||||
|
||||
{% if v and not err %}
|
||||
<div id="formkey" class="d-none">{{v.formkey}}</div>
|
||||
|
|
|
|||
|
|
@ -1162,7 +1162,7 @@
|
|||
<h5 class="card-title">Jump in the discussion.</h5>
|
||||
<p class="card-text">No email address required.</p>
|
||||
<div>
|
||||
<a href="/signup?redirect={{request.path | urlencode}}" class="btn btn-primary">Sign up</a>
|
||||
<a href="/signup" class="btn btn-primary">Sign up</a>
|
||||
<a href="/login?redirect={{request.path | urlencode}}" class="btn btn-link text-muted">Sign in</a>
|
||||
</div>
|
||||
</div>
|
||||
|
|
|
|||
|
|
@ -18,7 +18,7 @@
|
|||
{% if not u.fish %}<div id="button-unsub-{{u.id}}" style="z-index: 2" class="{% if not u.has_follower(v) %} d-none{% endif %}"><a class="btn btn-secondary " role="button" onclick="post_toast2(this,'/unfollow/{{u.username}}','button-sub-{{u.id}}','button-unsub-{{u.id}}')">Unfollow</a></div>{% endif %}
|
||||
{% endif %}
|
||||
{% else %}
|
||||
<div id="button-sub-{{u.id}}" style="z-index: 2" "><a class="btn btn-primary " href="/signup?redirect={{request.path}}">Follow</a></div>
|
||||
<div id="button-sub-{{u.id}}" style="z-index: 2"><a class="btn btn-primary " href="/signup">Follow</a></div>
|
||||
{% endif %}
|
||||
</div>
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue